sk_crm_user_addok.asp

为你节约成本,让你的企业在信息时代助上一臂之力!!! 真正做到无纸办公,全自动化信息办公,不受地点的限制,只要你能上网就能随时随地掌握公司动向.

<% @language="vbscript" %>
<!--#include file="Md5.asp"-->
<% 
response.buffer=true
Response.Expires=0
if session("quanxian")<"3"  then
Response.Write("<script>alert(""对不起,你的权限不够！"");history.back();</script>")
response.end
end if

dim name
dim mclass_folder
dim url
dim pass
dim rpass
dim email
dim show
dim rq
dim aq

name=Request.form("name")
mclass_folder=request.form("mclass_folder")
pass="123456"

quanxian=request.form("quanxian")
userd=request.form("user_id")
'--------------------------------------------
ming=request.form("ming")
sex=request.form("sex")
bumen=request.form("bumen")
zhiwu=request.form("zhiwu")
phone=request.form("phone")
mobile=request.form("mobile")
'--------------------------------------------
email=request.form("email")
url=request.form("url")
chayue=request.form("chayue")

'--------------------------------------------

if InStr(ucase(name),"奸")>0 or InStr(ucase(name),"淫")>0 or InStr(ucase(name),"娼")>0 or InStr(ucase(name),"嫖")>0 or InStr(ucase(name),"性")>0 and InStr(ucase(name),"交")>0 or InStr(ucase(name),"妓")>0 or InStr(ucase(name),"色")>0 and InStr(ucase(name),"黄")>0 or InStr(ucase(name),"色")>0 and InStr(ucase(name),"情")>0 or InStr(ucase(name),"日")>0 and InStr(ucase(name),"妈")>0 or InStr(ucase(name),"日")>0 and InStr(ucase(name),"妹")>0 or InStr(ucase(name),"日")>0 and InStr(ucase(name),"姐")>0 or InStr(ucase(name),"日")>0 and InStr(ucase(name),"娘")>0 or InStr(ucase(name),"日")>0 and InStr(ucase(name),"奶")>0 or InStr(ucase(name),"乳")>0 or InStr(ucase(name),"阴")>0 or InStr(ucase(name),"操")>0 and InStr(ucase(name),"妈")>0 or InStr(ucase(name),"dia")>0 or InStr(ucase(name),"叼")>0 or InStr(ucase(name),"口刀")>0 or InStr(ucase(name),"色")>0 or InStr(ucase(name),"靠")>0 then
        Response.Write("<script>alert(""注册失败，姓名包含不雅字符！"");history.back();</script>")
	response.end
end if
if InStr(ucase(name),"=")>0 or InStr(ucase(name),"`")>0 or InStr(ucase(name)," ")>0 or InStr(ucase(name),"　")>0 or InStr(ucase(name),"'")>0 or InStr(ucase(name),chr(34))>0 or InStr(ucase(name),"\")>0 or InStr(ucase(name),",")>0 or InStr(ucase(name),"<")>0 or InStr(ucase(name),">")>0 then
        Response.Write("<script>alert(""对不起,用户名不能含有空格、<、>、=、引号、半角逗号、反斜杠等字符！"");history.back();</script>")
	response.end
end if
if InStr(ucase(name),"&")>0 or InStr(ucase(name),"=")>0 or InStr(ucase(name)," ")>0 then
	Response.Write("<script>alert(""对不起,用户名包含非法字符！"");history.back();</script>")
	response.end
end if

%>
<!--#include file="conn.asp" -->

<%
dim rs2,sql2,weburl
set rs2=server.createobject("adodb.recordset")                
sql2="select * from SK_CRM_System"
rs2.Open sql2,conn,1,3
weburl=rs2("weburl")

rs2.close
set rs2=nothing

dim rs,sql
set rs=server.createobject("adodb.recordset")                
sql="select * from SK_mclass where name='"&name&"'"
rs.Open sql,conn,1,3
if not rs.eof or not rs.bof then
Response.Write("<script>alert(""对不起,该用户名已经存在！"");history.back();</script>")
response.end
else
rs.AddNew 
rs("name")=name
rs("mclass_folder")=mclass_folder
rs("pass")=md5(pass)
rs("url")=url
rs("quanxian")=quanxian
rs("login")=now()
rs("email")=email
rs("show")=show
rs("ming")=ming
rs("sex")=sex
rs("bumen")=bumen
rs("zhiwu")=zhiwu
rs("phone")=phone
rs("mobile")=mobile
rs("chayue")=chayue
rs("user_id")=userd
rs("fenye")="10"
rs("waifenye")="10"
rs.Update
%>
<%
response.Redirect "SK_CRM_system_userlist.asp?SK_mclass=78"
response.end
%>
<%
rs.close
set rs=nothing
conn.close
set conn=nothing
end if
%>